what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 458 RSS Feed

Files

Ubuntu Security Notice USN-1222-1
Posted Sep 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1222-1 - Firefox could be made to crash or possibly run programs as your login if it opened a malicious website. Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. Boris Zbarsky discovered that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. This is in violation of the Same Origin Policy. A malicious website could possibly use this to access another website or the local file system. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2997, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3002, CVE-2011-3003, CVE-2011-3004, CVE-2011-3005, CVE-2011-3232
SHA-256 | d1fc7d9a5520c3ff7a7143e625e8f9b84dd695c464b3380d4c19e9e3d5cb3e64
Ubuntu Security Notice USN-1221-1
Posted Sep 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1221-1 - It was discovered that mutt incorrectly verified the hostname in an SSL certificate. An attacker could trick mutt into trusting a rogue SMTPS, IMAPS, or POP3S server's certificate, which was signed by a trusted certificate authority, to perform a man-in-the-middle attack.

tags | advisory, imap
systems | linux, ubuntu
advisories | CVE-2011-1429
SHA-256 | d5327d7489e79d924d92a0d60f8d9238e3cf7793305156d14665eb648ca81fec
Secunia Security Advisory 46220
Posted Sep 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for Django. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain system information, manipulate certain data, conduct cache poisoning attacks, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | 98711881afded92a4992b00730d14a1d2717b01ba063de97344eb5d5c0f67c84
Secunia Security Advisory 46212
Posted Sep 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the T3BLOG extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 0127e5b17d81c1710eea0ee8e0125f08b13b4e2baba1bccb2fc3cc884dcbdd2e
Secunia Security Advisory 46230
Posted Sep 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | 7d51385f7a6b867c1d44649de4ea6f8a27dd8bf5bc510b829ddd4d2d6d5f9dc4
Secunia Security Advisory 46185
Posted Sep 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Jabber Extensible Communications Platform (Jabber XCP), which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | 73e5622f6500fc60786e9da0d2f01179ea18ab9ccf1fc217bf11d44d7050930f
Secunia Security Advisory 46196
Posted Sep 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 85bd84c1ee3691798ca8ee40732c9454746a61a8b42142c9304767fefa032e33
Secunia Security Advisory 46233
Posted Sep 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Unified Presence, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | bdd3a931a89602cb2bb231fb348980c5cee1d1c2fa7ce8843dfa85dbf1d75c57
Secunia Security Advisory 46198
Posted Sep 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | 5deab5ee419e1e34f8343175b9735c9b1200aa25b28d55f2cd8360b11c02976d
Debian Security Advisory 2313-1
Posted Sep 29, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2313-1 - Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
SHA-256 | 0e66a3f9f409834c4e46d8404804c078686458d479cf01ba08a626f27dcd9d48
Ubuntu Security Notice USN-1220-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1220-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1776, CVE-2011-2213, CVE-2011-2497, CVE-2011-2700, CVE-2011-2723, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
SHA-256 | 381cb500bd82528a730aee301d5df2fea4835c168a78a002069bcb53da18ca72
Debian Security Advisory 2312-1
Posted Sep 29, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2312-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
SHA-256 | a6902286da44592ff48572355b8fee8eb0b4d4760d83235fc8062977b61f3d9d
Ubuntu Security Notice USN-1219-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1219-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1776, CVE-2011-1833, CVE-2011-2213, CVE-2011-2497, CVE-2011-2699, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918, CVE-2011-2928, CVE-2011-3191
SHA-256 | 5bbf959fff7d5604adafb12f55e81da2ac28c246748613faaed45b3156c8add2
Ubuntu Security Notice USN-1218-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1218-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
SHA-256 | 7ce613f6fb82e60467fe2db0120524df0114dd4f622231bc1bba67151a5b6582
AmpJuke 0.8.5 Apache mod_negotiation Filename Bruteforce
Posted Sep 29, 2011
Authored by indoushka

AmpJuke version 0.8.5 with Apache mod_negotiation suffers from a directory listing vulnerability.

tags | advisory, info disclosure
SHA-256 | 66a33ea5e3bae7835afaeffc341e89465322c61b1372aa317bfcf3868a659ccf
Ubuntu Security Notice USN-1217-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1217-1 - Kristian Erik Hermansen discovered a directory traversal vulnerability in the SSLFile indirection base class. A remote attacker could exploit this to overwrite files with the privileges of the Puppet Master.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2011-3848
SHA-256 | cb0df75e0ea4625a8f572eb50a779b751932821421ee7b8d18861e0a3ad2212f
Red Hat Security Advisory 2011-1344-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1344-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. An integer underflow flaw was found in the way SeaMonkey handled large JavaScript regular expressions. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web, arbitrary, local, javascript
systems | linux, redhat
advisories | CVE-2011-2998, CVE-2011-2999
SHA-256 | 9da687a381ca20d046b5c50589b968fee6f0f6760fa5b50b72ae19d0c9de5863
Game Servers Client 2.00 Build 3017 Denial Of Service
Posted Sep 29, 2011
Authored by Michael Gray

Game Servers Client version 2.00 Build 3017 suffers from a denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 8bafaef1b58fae03b23b8a5bd380a03af81a384af4e2638199592f25f97a9cd8
Game Servers Client 2.00 Build 3017 Bypass
Posted Sep 29, 2011
Authored by Michael Gray

Game Servers Client version 2.00 Build 3017 uses IRC as the backend but failed to validate changes to a nickname.

tags | advisory, bypass
SHA-256 | 80445d16ffe02cb047a1e223a26a3ad71167fd01c9524171970119db25b999c4
Red Hat Security Advisory 2011-1343-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1343-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. An integer underflow flaw was found in the way Thunderbird handled large JavaScript regular expressions. An HTML mail message containing malicious JavaScript could cause Thunderbird to access already freed memory, causing Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, arbitrary, local, javascript
systems | linux, redhat
advisories | CVE-2011-2998, CVE-2011-2999
SHA-256 | 3687f8be51c9a85fd3c79f10c8bab76b7b4dafaaac4db14db59c0c0b77e3d708
Ubuntu Security Notice USN-1213-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1213-1 - Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. Boris Zbarsky discovered that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. This is in violation of the Same Origin Policy. A malicious E-Mail could possibly use this to access the local file system. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2999, CVE-2011-3000
SHA-256 | e2949a7050ea58c1e4b98c809fd3a351a236e932e99e60259fbe202ed0e4a651
Red Hat Security Advisory 2011-1342-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1342-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird processed the "Enter" keypress event. A malicious HTML mail message could present a download dialog while the key is pressed, activating the default "Open" action. A remote attacker could exploit this vulnerability by causing the mail client to open malicious web content.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
SHA-256 | a8625a9160b247b90199ce4274aa8f6096c8d45553eb33684ffa4642f14866c3
Red Hat Security Advisory 2011-1341-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1341-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox processed the "Enter" keypress event. A malicious web page could present a download dialog while the key is pressed, activating the default "Open" action. A remote attacker could exploit this vulnerability by causing the browser to open malicious web content.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
SHA-256 | 0c6ac8865b32e82e11c3f328b55e69c05b18020b7e3bc65cf024f724f351bdd1
HP Security Bulletin HPSBUX02707 SSRT100626
Posted Sep 29, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02707 SSRT100626 - A potential security vulnerability has been identified with HP-UX Apache Web Server. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, web, denial of service
systems | hpux
advisories | CVE-2011-0419, CVE-2011-3192, CVE-2011-3348
SHA-256 | 8c8491ffbdea51197735b916bafae7e01bedf7e73d74f78a14d32b3f74aa0016
Secunia Security Advisory 46139
Posted Sep 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Quagga, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 97dfe268f2abd4303ff43faac58e0eea56dfeeba5395d51886dfc8126cba7c02
Page 1 of 19
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close